(19) Europäisches Patentamt
European Patent Office
Office européen des brevets

(11) EP 1 017 203 A2

(12) EUROPEAN PATENT APPLICATION

(43) Date of publication: 05.07.2000 Bulletin 2000/27

(21) Application number: 99204075.8

(22) Date of filing: 01.12.1999

(51) Int. Cl.7: H04L 29/06, H04L 12/26, H04L 12/24

(84) Designated Contracting States: AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

Designated Extension States: AL LT LV MK RO SI

(30) Priority: 28.12.1998 US 221778

(71) Applicant: NORTEL NETWORKS CORPORATION, Montreal, Quebec H2Y 3Y4 (CA)

(72) Inventors:
• Davies, Elwyn Brian, Ely, Cambridgeshire CB7 5AW (GB)
• Chapman, Alan Stanley John, Kanata, Ontario (CA)

(74) Representative: Ryan, John Peter William et al, Nortel Networks, IP Law Group, London Road, Harlow, Essex CM17 9NA (GB)

(54) Monitoring of Internet differentiated services for transactional applications

(57) A method of monitoring telecommunications network traffic comprising the steps of: receiving a packet stream comprising packets each identified as belonging to one of at least three classes; calculating a difference between the numbers of packets received identified as belonging to a first and a second of said classes; and deriving a measure of traffic load on the network responsive to said difference. The invention also relates to a method for admission control based on the above method of monitoring and a method for overcoming admission control avoidance. It also relates to apparatus embodying these methods.
Description

FIELD OF THE INVENTION

[0001] The present invention relates to a method and apparatus for measuring and controlling the load carried by a telecommunications system for transactional applications, and a system incorporating the same.

BACKGROUND TO THE INVENTION

[0002] Packet switched networks achieve very high speed by keeping the amount of interpretation of each packet at nodes in the heart of the network to a minimum. In general, two decisions need to be made about the packet at each node it encounters: which output link it is to be directed to; and what treatment (e.g. prioritisation) it should be given within the node, both absolutely and relative to other packets.

[0003] In production networks using the Internet Protocol version 4 (IPv4) the decisions have until very recently been based on a very limited subset of the fields in the IP header. Typically the output decision is made solely on the basis of the destination address. Treatments within a node are restricted to two classes of prioritisation for normal data traffic and network control traffic, based on two distinct values of the Precedence field (part of the Type of Service (ToS) octet). Network control traffic, which is generated entirely by the administrative and operational mechanisms of the network rather than by users, is typically given absolute priority over all other traffic. All user traffic (the remainder) is treated identically. Normally no guarantees are offered as to the delivery of the traffic, and the services offered to users of these networks are described as 'best efforts' services.

[0004] Thus in each node (router, host workstation) which routes or forwards packets in an IPv4 network, each packet which arrives on an incoming or ingress interface is treated as follows:

• The packet is read from the incoming interface.

• The Destination Address field and, optionally, the Type of Service (ToS) field are extracted from the packet.

• The Destination Address field and, optionally, the ToS field are used as indices into a forwarding table constructed by means of the dynamic routing protocols to find the correct output link for the packet. Routing responsive to the contents of the ToS field is currently extremely uncommon although it has in principle been available since the early definition of IP.

• If the node is able to provide differential treatment of packets directed to a given output, the ToS field is inspected to determine the treatment to be given. Typically differential treatment is based on the Precedence value in the ToS field, and may be limited to two distinct classes of treatment, one for network control traffic (a small but vital component) and a second for normal data traffic (the rest); the classes of traffic are directed into a set of distinct first-in, first-out (FIFO) queues associated with each output.

• The packets are scheduled into the available output bandwidth from the queues according to a scheduling algorithm. Typically this is an absolute priority mechanism in which any network control packet is given absolute priority over any normal data packet: if there are any network control packets waiting when a slot is available on the output link, the packet at the head of the network control traffic queue will be output onto the link and the packet removed from the queue in preference to any waiting normal packets. Otherwise, if there is a packet waiting on the normal data traffic queue, it will be output and removed from the queue.



[0005] Some current routers include more complex mechanisms, such as additional classification, filtering, queuing, and scheduling mechanisms, but there is no uniformity as to how these facilities are invoked, and they are not widely deployed in production networks.

[0006] The limited capabilities of the existing IP networks to be able to differentiate classes of traffic restrict the ability of network operators to offer services with enhanced quality of service (QoS) to their customers. By QoS we mean such things as constraints on the delay experienced by a packet, the variation in delays experienced by a packet, the relative priority for packets of a particular class, and the amount of bandwidth available to a class of packets passing through a network.

[0007] It is becoming clear that certain customers and types of application need (and customers would be prepared to pay for) a service that is an improvement over the existing best efforts service.

[0008] One of the groups of services that is likely to be of most use to users of an IP data network is transactional services. Transactional services include, but are not limited to, World-Wide Web accesses and Remote Procedure Call invocations including, for example, interactive database accesses. Transactional services are a major component - perhaps as much as 70% - of today's data traffic.

[0009] Within an IP packet switched data network all data is carried in the form of IP 'datagrams'. An IP datagram is a packet consisting of an IP header and an IP payload as shown in Figure 2.

[0010] The IP Header provides all the information needed to route the packet through the network.

[0011] IP datagrams are used to carry the information of numerous different protocols across the network (the protocol in use is indicated by a specific bit pattern in the Protocol field of the IP header). One of these protocols is the Transport Control Protocol (TCP) reliable byte stream transport protocol. In this case the IP payload is made up of a TCP header and the TCP user payload data. TCP is used as the transporting protocol for a large fraction of all user traffic carried across IP networks.

[0012] The TCP header is used to carry information which allows the receiving station to reconstruct the transmitted byte stream, thereby achieving the desired reliability of delivery. Packets successfully received at the receiving end of a connection are positively acknowledged by the sending of a specific acknowledgement back to the origin of the packet.

[0013] A fundamental characteristic of TCP is its ability to adapt the rate of flow of data across a network to provide near optimal use of the available network bandwidth. TCP conforms its transmission rate to the available bandwidth by:

• Increasing its transmission rate in response to successful receipt and acknowledgement of packets.

• Reducing its transmission rate in response to missing acknowledgements, indicating packet loss (typically due to network congestion).

[0014] In normal operation, the flow rate of a TCP flow starts at a low value and ramps up through a 'slow start phase' and a 'congestion avoidance phase' to a maximum value as the first few packets are acknowledged. At some point in this initial ramp up either all data will have been sent or a packet will be lost. If a packet is lost (indicated by missing acknowledgements) the flow rate is reduced by 50% and ramp up restarts from the reduced value.

[0015] If multiple packets are lost, the flow is reduced to a minimum and the whole process repeats after a delay designed to allow the network to recover from the congestion that caused the dropped packets.

[0016] Typically transactional services open a TCP reliable byte stream connection from a client to a server and issue a 'request' which is in the order of a few tens to a few hundreds of bytes long (i.e. one or two packets). The request is sent from the client to a server which processes it, performing some local operation, and then returns some 'response' data which may vary from a few bytes (such as a success code) to a few tens of kilobytes (such as an image for a web page) over a period of between, say, a few hundred milliseconds to 20 seconds.

[0017] One problem in integrating such transactional services into most standard QoS schemes is that the overhead of reserving resources to guarantee the delivery of the data is out of proportion to the size of the data delivered and the limited persistence of the connection. Each transaction or small set of transactions is likely to need a separate reservation, especially in the web access service case.

[0018] A further problem lies in that the short duration of the flow associated with a request or response does not allow the conventional flow control algorithms of TCP to achieve steady state. This tends to mean that the flow may be categorised as 'fragile': loss of a single packet will set the TCP flow control algorithm back into slow start mode with consequential impact on the throughput of the connection. By contrast a well established flow relies on a few dropped packets to control the bandwidth used and TCP is designed to cope with occasional dropped packets once steady state is established.

[0019] A third problem is that the inherent burstiness of human-mediated interactions (for example web accesses) makes it difficult to put in place a service which will allow the network to control or predict the load of such transactions and hence to offer predictable service for them.

[0020] Furthermore, the essentially random destinations to which web accesses are directed make provisioning of such services difficult.

OBJECT OF THE INVENTION

[0021] The invention seeks to provide an improved method and apparatus for packet-by-packet admission control whereby to support implementation of Differentiated Services in a packet-switched network.

SUMMARY OF THE INVENTION

[0022] According to a first aspect of the present invention there is provided a method of monitoring telecommunications network traffic comprising the steps of: receiving a packet stream comprising packets each identified as belonging to one of at least three classes; calculating a difference between the numbers of packets received identified as belonging to a first and a second of said classes; and deriving a measure of traffic load on the network responsive to said difference.

[0023] Preferably the method also comprises the steps of: providing statistical distribution data descriptive of said traffic load; deriving said measure of traffic load on the network responsive to said statistical distribution data.

[0024] In a preferred embodiment said first class is indicative of the beginning of a transactional burst and said second class is indicative of the end of a transactional burst.

[0025] Preferably each initial packet of a transactional burst is identified as belonging to said first class and each final packet of a transactional burst is identified as belonging to said second class.

[0026] In a preferred embodiment wherein a transactional burst comprises a single packet, said packet is marked as belonging both to said first and to said second classes.

[0027] Preferably an indication of which class a packet belongs to is contained in the header of said packet.

[0028] In a preferred embodiment said packet is of an Internet protocol.

[0029] In one preferred embodiment, said packet is of an Internet Protocol version 4 having a header and said indication is located within a second octet of said header.

[0030] In a second preferred embodiment said packet is of an Internet Protocol version 6 having a header and said indication is located within the bits 4-7 of a first octet and bits 0-3 of a second octet of said header.

[0031] In one preferred embodiment wherein said header comprises a DSCP field, said indications are encoded using four values of said DSCP field.

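The header locations named in [0029] to [0031] can be read as follows; this is an added example, not code from the patent. The four codepoint values are hypothetical (picked from the RFC 2474 experimental/local-use pool, since the text gives none), and the sample headers are constructed.

```python
"""Map the DS octet of an IPv4 or IPv6 header to a transaction-burst class."""
from enum import Enum


class BurstClass(Enum):
    START = "A"            # initial packet of a request or response
    MIDDLE = "B"           # neither first nor last packet
    END = "C"              # final packet
    START_AND_END = "A+C"  # single-packet burst, member of both classes
    OTHER = "other"        # codepoint not used by the transactional service


# Hypothetical codepoints (assumption): the description only says that four
# DSCP values are used. These come from the RFC 2474 pool "xxxx11".
DSCP_TO_CLASS = {
    0b000011: BurstClass.START,
    0b000111: BurstClass.MIDDLE,
    0b001011: BurstClass.END,
    0b001111: BurstClass.START_AND_END,
}
CLASS_TO_DSCP = {cls: code for code, cls in DSCP_TO_CLASS.items()}


def ds_octet(header: bytes) -> int:
    """Return the 8-bit ToS (IPv4) or Traffic Class (IPv6) octet."""
    if len(header) < 2:
        raise ValueError("header too short to contain the DS octet")
    version = header[0] >> 4
    if version == 4:
        # IPv4: the whole second octet of the header.
        return header[1]
    if version == 6:
        # IPv6: bits 4-7 of the first octet, then bits 0-3 of the second
        # (bit 0 is the most significant bit of each octet).
        return ((header[0] & 0x0F) << 4) | (header[1] >> 4)
    raise ValueError(f"unsupported IP version {version}")


def dscp(header: bytes) -> int:
    """The DSCP is the six most significant bits of the DS octet."""
    return ds_octet(header) >> 2


def classify(header: bytes) -> BurstClass:
    return DSCP_TO_CLASS.get(dscp(header), BurstClass.OTHER)


def ipv4_header(burst_class: BurstClass, low_bits: int = 0) -> bytes:
    """Constructed 20-byte IPv4 header carrying the class mark (sample data)."""
    tos = (CLASS_TO_DSCP[burst_class] << 2) | (low_bits & 0b11)
    return bytes([0x45, tos]) + bytes(18)


def ipv6_header(burst_class: BurstClass, flow_label: int = 0) -> bytes:
    """Constructed 40-byte IPv6 header carrying the class mark (sample data)."""
    traffic_class = CLASS_TO_DSCP[burst_class] << 2
    word = (6 << 28) | (traffic_class << 20) | (flow_label & 0xFFFFF)
    return word.to_bytes(4, "big") + bytes(36)


if __name__ == "__main__":
    for hdr in (ipv4_header(BurstClass.START),
                ipv6_header(BurstClass.START_AND_END, flow_label=0x12345)):
        print(hdr[:2].hex(), f"dscp={dscp(hdr):06b}", classify(hdr).value)
```

The two low-order bits of the DS octet are not part of the DSCP, so a classifier has to shift them out before the table lookup rather than compare the whole octet.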
[0032] According to a second aspect of the present invention there is provided a method of performing packet data network admission control comprising the steps of: receiving a packet stream comprising packets each identified as belonging to one of at least three classes; calculating a difference between the numbers of packets received identified as belonging to a first and a second of said classes; deriving a measure of traffic load on the network responsive to said difference; and accepting and rejecting packets responsive to said measure.

[0033] In a preferred embodiment, the method of performing packet data network admission control comprises the steps of: receiving a packet on a given traffic flow; if said packet is of a first class indicative of the start of a new traffic burst then, if a previously stored measure of current traffic load is indicative of an admission rejection condition being satisfied in respect of said received packet, discard said packet, otherwise increment said measure and forward said packet; if said packet is of a second class not indicative of the start or end of a traffic burst then forward said packet; and if said packet is of a third class indicative of the end of a traffic burst then decrement said measure of current traffic load and forward said packet.

[0034] Preferably, said measure of current load is a difference between the number of packets of said first class previously forwarded and the number of packets of said third class previously forwarded.

[0035] Preferably, an indication of which class a packet belongs to is contained in the header of said packet.

[0036] Preferably, said packet is of an Internet protocol.

[0037] In a first preferred embodiment, said packet is of an Internet Protocol version 4 having a header and said indication is located within a second octet of said header.

[0038] In a second preferred embodiment, said packet is of an Internet Protocol version 6 having a header and said indication is located within the bits 4-7 of a first octet and bits 0-3 of a second octet of said header.

[0039] In one preferred embodiment wherein said header comprises a DSCP field, said indications are encoded using four values of said DSCP field.

[0040] According to a third aspect of the present invention there is provided a method of preventing abuse of the admission control method comprising the steps of: receiving a traffic flow comprising data packets; monitoring the rate of occurrence of packets indicative of starts and ends of transactional bursts within said traffic flow; if said rate meets a suspected-abuse criterion, a first packet received on said traffic flow is marked as indicative of the start of a transaction and a second packet received on said traffic flow is marked as indicative of the end of a transaction; if said packet is marked as indicative of the start of a new transaction then, if a previously stored measure of current traffic load is indicative of an admission rejection condition being satisfied in respect of said received packet, discard said packet, otherwise increment said measure and forward said packet; if said packet is marked as not indicative of the start or end of a traffic burst then forward said packet; and if said packet is marked as indicative of the end of a transaction then decrement said measure of current traffic load and forward said packet.

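One way the marker monitoring and re-marking of the third aspect could sit in front of the admission check, as an added example that is not the patent's own code. The suspected-abuse criterion (more than MAX_UNMARKED packets on a flow outside any marked burst), the forced burst length, and the downgrade of an end marker that has no matching start are all assumptions; the flows are constructed.

```python
"""Per-flow policing of start/end markers ahead of admission control."""
from collections import defaultdict
from dataclasses import dataclass

MAX_UNMARKED = 4       # assumed criterion: unmarked packets tolerated per flow
FORCED_BURST_LEN = 3   # assumed length of a burst imposed by the policer
VALID = {"A", "B", "C", "AC"}  # start, middle, end, single-packet burst


@dataclass
class FlowState:
    in_burst: bool = False   # a start marker was seen and no end marker yet
    unmarked_run: int = 0    # packets seen outside any marked burst
    forced_left: int = 0     # packets left in a burst imposed by the policer


class MarkerPolicer:
    def __init__(self):
        self.flows = defaultdict(FlowState)
        self.remarked = 0    # packets whose class mark was changed

    def _emit(self, original: str, final: str) -> str:
        if final != original:
            self.remarked += 1
        return final

    def police(self, flow_id: str, cls: str) -> str:
        """Return the class mark the packet carries after policing."""
        if cls not in VALID:
            raise ValueError(f"unknown class {cls!r}")
        st = self.flows[flow_id]
        if st.forced_left:
            # Inside an imposed burst the sender's own marks are ignored;
            # the last packet of the imposed burst becomes its end marker.
            st.forced_left -= 1
            return self._emit(cls, "C" if st.forced_left == 0 else "B")
        if cls == "A":
            st.in_burst, st.unmarked_run = True, 0
            return "A"
        if cls == "AC":
            st.unmarked_run = 0
            return "AC"
        if st.in_burst:
            if cls == "C":
                st.in_burst = False
            return cls
        # A middle or end packet outside any burst never met the admission
        # check. An unmatched end would also lower the load measure, so it
        # is downgraded to a middle packet (assumption).
        st.unmarked_run += 1
        if st.unmarked_run > MAX_UNMARKED:
            st.unmarked_run = 0
            st.forced_left = FORCED_BURST_LEN - 1
            return self._emit(cls, "A")   # this packet now faces admission
        return self._emit(cls, "B")


def police_stream(policer: MarkerPolicer, flow_id: str, marks):
    return [policer.police(flow_id, m) for m in marks]


if __name__ == "__main__":
    p = MarkerPolicer()
    # Constructed flows: f1 never marks a start, f2 marks its burst correctly.
    print("f1", police_stream(p, "f1", ["B"] * 8))
    print("f2", police_stream(p, "f2", ["A", "B", "B", "B", "B", "B", "C"]))
    print("re-marked packets:", p.remarked)
```

The policer keeps state per flow, so it belongs with the edge-node traffic conditioning; the marks it emits are what the per-packet admission steps then act on.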
[0041] According to a fourth aspect of the present invention there is provided a method of transmitting traffic load information within a packet data stream comprising transactional bursts, comprising the steps of: labelling each initial packet of transactional bursts as belonging to a first class; labelling each final packet of transactional bursts as belonging to a second class; labelling each other packet of transactional bursts as belonging to one or more further distinct classes whereby to identify starts and ends of such transactional bursts within a packet data stream.

[0042] According to a fifth aspect of the present invention there is provided a packet network node comprising: an input arranged to receive a packet stream comprising packets each identified as belonging to one of at least three classes; a processor arranged to calculate a difference between the numbers of packets received identified as belonging to a first and a second of said classes and to calculate a measure of traffic load on the network responsive to said difference.

[0043] According to a sixth aspect of the present invention there is provided a packet network node comprising: an input arranged to receive a packet traffic flow; a processor arranged to determine for each packet received on said traffic flow, (a) whether said packet is of a first class indicative of the start of a new traffic burst and if so, to determine whether a previously stored measure of current traffic load is indicative of an admission rejection condition being satisfied in respect of said received packet and if so to discard said packet and otherwise to increment said measure and forward said packet, (b) whether said packet is of a second class not indicative of the start or end of a traffic burst and if so to forward said packet, and (c) whether said packet is of a third class indicative of the end of a traffic burst and if so to decrement said measure of current traffic load and forward said packet.

[0044] According to a seventh aspect of the present invention there is provided a packet network node for preventing abuse of admission control comprising: an input arranged to receive a packet traffic flow comprising data packets; a processor arranged to monitor the rate of occurrence of packets indicative of starts and ends of transactional bursts within said traffic flow; if said rate meets a suspected-abuse criterion, to mark a first packet received on said traffic flow as indicative of the start of a transaction and to mark a second packet received on said traffic flow as indicative of the end of a transaction; if said packet is marked as indicative of the start of a new transaction then, if a previously stored measure of current traffic load is indicative of an admission rejection condition being satisfied in respect of said received packet, to discard said packet, otherwise to increment said measure and forward said packet; if said packet is marked as not indicative of the start or end of a traffic burst then to forward said packet; and if said packet is marked as indicative of the end of a transaction then to decrement said measure of current traffic load and to forward said packet.

[0045] According to an eighth aspect of the present invention there is provided a communications system comprising apparatus according to any one of the foregoing aspects of the present invention.

[0046] The invention also provides for a system for the purposes of digital signal processing which comprises one or more instances of apparatus embodying the present invention, together with other additional apparatus.

[0047] According to a ninth aspect of the present invention there is provided a program for a computer on a machine-readable medium embodying a method according to any one of the foregoing aspects of the present invention.

[0048] The preferred features may be combined as appropriate, as would be apparent to a skilled person, and may be combined with any of the aspects of the invention.

BRIEF DESCRIPTION OF THE DRAWINGS

[0049] In order to show how the invention may be carried into effect, embodiments of the invention are now described below by way of example only and with reference to the accompanying figures in which:

Figure 1 shows an example of an Internet Protocol network;

Figure 2 shows an example of the structure of an Internet Protocol datagram;

Figure 3 shows a schematic diagram of the structure of an Internet Protocol version 4 packet header;

Figure 4 shows a schematic diagram of the structure of the Type of Service field in an Internet Protocol version 4 packet;

Figure 5 shows a schematic diagram of the structure of a proposed Internet Protocol version 6 packet header; and

Figure 6 shows a schematic diagram of the structure of the Differentiated Services field in a proposed Internet Protocol version 6 packet.



DETAILED DESCRIPTION OF INVENTION

[0050] The present invention is designed to operate in the context of the Internet Engineering Task Force (IETF) Differentiated Services (DS) architecture which provides a framework for implementing additional services with enhanced QoS.

[0051] To avoid problems of scalability in the core of large networks, where there are many hundreds or thousands or millions of flows of packets, the QoS cannot be specified at the granularity of individual flows in the core of the network. The treatment of packets in the core of the network to achieve the desired QoS must be very simple: there is very little time and processing effort available for each packet in a network core device in which a new packet may be arriving as frequently as every 50-100 ns.

[0052] DS works around these difficulties by working only with aggregates of traffic flows rather than individual flows and pushing as much functionality as possible out to the edge of the network, leaving some very simple mechanisms in the core.

[0053] The proposed architecture for DS provides for two kinds of node (normally routers) to be built into a closed DS network domain. At all the ingress and egress nodes of this network domain are DS Edge Devices which implement traffic conditioning functionality. The interior nodes (if any) which provide the interconnection of the domain are DS Interior Devices.

[0054] Both DS Edge and DS Interior Devices in a given DS Domain must implement a consistent set of forwarding treatments which are known as Per Hop Behaviours (PHBs). The DS architecture supports enhanced Quality of Service (QoS) for Internet Protocol (IP) services by means of marking each individual packet used to deliver data across an IP network with a code comprising a small number of bits.

[0055] Every traffic aggregate which passes through a DS node is marked with a DS codepoint (6 bit number) which indicates the class of the traffic. The codepoint is used (for example using a mapping table) to select the PHB to which the traffic is subjected as it passes through a node.

[0056] The traffic conditioning functionality in the DS Edge Nodes is used to ensure that traffic aggregates are correctly marked and are within any contract (Service Level Agreement) which a customer of the DS Domain may make with the domain owner. The traffic conditioning will normally involve admission control mechanisms which can dynamically admit or reject portions of the traffic aggregate to ensure that the SLA is not contravened. This can be done in various ways, on a packet by packet basis or by admitting or rejecting component flows completely.

[0057] To date packet-by-packet admission control has focussed on metering the rate of flow associated with an aggregate and either discarding packets which are in excess of the agreed rate or offering inferior service to these packets by altering their codepoint.

[0058] Such a mechanism is appropriate for applications which generate long term flows of data (such as file transfers or voice communications) but is unsuited to transactional flows where the concept of an agreed flow rate is not relevant. Typically all packets associated with a single (long term) flow would be initially marked with the same code; a traffic conditioning mechanism would then mutate the marking rate to an alternative value for the proportion of packets that exceed the agreed flow (or alternatively, excess packets could be discarded).

[0059] Routers which process the packets as they are forwarded across the IP network inspect the code and treat each packet marked with the same value in the same way when determining the priority or preference to give to those packets on the next hop of their path through the network. Each set of similarly-marked packets constitutes a class, and by applying different treatments to different classes a different quality of service can be obtained for each class. For example, access to a portion of the network may be refused to traffic in a given class which exceeds, in some measurable way, a previously agreed contract typically known as a Service Level Agreement (SLA).

[0060] Because of the nature of the packet traffic generated by an application requiring a transactional service (for example web page request and download) it is difficult to create such a Service Level Agreement based on a single class for such packets. The network is unable to predict or readily control the load imposed by traffic of this nature.

[0061] In essence the load created by such traffic can be characterised as follows: a request imposes a load to be transferred from client-to-server which can be characterised as a time-limited data 'chunk'; the request induces a response, which is also a time limited data 'chunk', in the server-to-client direction; and for each specific type of application the sizes of these chunks can be characterised statistically.

[0062] Thus on a network which is supporting a significant number of these transactions the overall load can be predicted with considerable certainty provided that the number of requests and responses in transit can be monitored by the network.

[0063] In order to be able to control the load being carried by a service for transactional applications, the routers and other network elements routing the packets need a mechanism which will allow them to admit and exclude traffic according to the actual and predicted load which the network will be carrying during the duration of a transaction which is about to start.

[0064] In general terms it is not possible for a device or network which is not originating this traffic to determine the start and finish of such transactions. Consequently a suitable service cannot be delivered using a single class for all such packets.

[0065] In a first embodiment of the present invention:

• The initial packet of each request and response is marked as belonging to a specific class, A.

• Those packets which are transmitted neither first nor last within a request or response are marked with a third class, B, which is distinct from A.

• The final packet of each request and response is marked as belonging to a class, C, which is distinct from both A and B.

• Where a request or response comprises a single packet, an additional mark is used to indicate membership of both forwarding classes A and C.

[0066] In addition, and for each class of traffic, the router can be provided with statistical distribution information characterising the nature of transactions of that class.

[0067] Referring now to Figure 6, there is shown a network of routers 10-11 of which some 10 support network access functionality whilst others 11 may not. Each router comprises a processor 10a connected to input streams on its connections 12 and may comprise a storage medium 10b. As each packet passes through a router in a network, the router can keep track of the difference between the number of transaction start (A) and transaction end (C) packets which have passed it in a particular direction. This gives a count of the number of transactions currently in progress at any given time. Combining this information with the known statistical distribution of the data traffic relevant to the application creating the data enables the router to form a statistical estimate of the current load on the network, and specifically the load on the next link in the network along which that data is transmitted. Both the count of the number of transactions currently in progress and the statistical data may be stored on the local storage medium 10b.
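The start/end counting described above, combined with the per-packet admission steps of the second aspect, as an added example that is not the patent's own code. The mean burst size and duration stand in for the statistical distribution data, and they, the load budget, the rejection condition and the clamp at zero are assumptions; the packet stream is constructed.

```python
"""Transaction counting and admission control for one direction of one link."""
from dataclasses import dataclass


@dataclass
class BurstStats:
    mean_bytes: float     # assumed mean size of one request or response
    mean_seconds: float   # assumed mean time a burst stays in progress

    def mean_rate_bps(self) -> float:
        return self.mean_bytes * 8 / self.mean_seconds


@dataclass
class AdmissionController:
    stats: BurstStats
    budget_bps: float     # assumed load the next link may carry for this class
    in_progress: int = 0  # starts (A) forwarded minus ends (C) forwarded
    rejected: int = 0

    def estimated_load_bps(self, transactions=None) -> float:
        """Statistical load estimate for the given number of open bursts."""
        n = self.in_progress if transactions is None else transactions
        return n * self.stats.mean_rate_bps()

    def would_reject(self) -> bool:
        """Assumed rejection condition: one more burst would exceed the budget."""
        return self.estimated_load_bps(self.in_progress + 1) > self.budget_bps

    def handle(self, cls: str) -> bool:
        """Return True to forward the packet, False to discard it.

        cls is "A" (start), "B" (middle), "C" (end) or "AC" (single packet).
        """
        if cls not in ("A", "B", "C", "AC"):
            raise ValueError(f"unknown class {cls!r}")
        if cls in ("A", "AC"):
            if self.would_reject():
                self.rejected += 1
                return False
            self.in_progress += 1
        if cls in ("C", "AC"):
            # Clamp added here so a stray end marker cannot drive the
            # measure negative (not part of the description).
            self.in_progress = max(0, self.in_progress - 1)
        return True


# Constructed stream: eight bursts open, a ninth start arrives while the
# link is full, then bursts finish and single-packet bursts arrive.
SAMPLE_STREAM = ["A"] * 8 + ["A", "B", "C", "A", "AC", "C", "C", "AC"]


def run_sample():
    # 25 000 bytes over 2 s is 100 kbit/s per burst, so 800 kbit/s holds eight.
    ctl = AdmissionController(BurstStats(25_000, 2.0), budget_bps=800_000)
    decisions = [ctl.handle(cls) for cls in SAMPLE_STREAM]
    return ctl, decisions


if __name__ == "__main__":
    ctl, decisions = run_sample()
    for cls, ok in zip(SAMPLE_STREAM, decisions):
        print(f"{cls:>2} -> {'forward' if ok else 'discard'}")
    print("in progress:", ctl.in_progress, "rejected:", ctl.rejected,
          "estimated load (bit/s):", ctl.estimated_load_bps())
```

Only start packets are ever discarded, so a rejected request or response loses its first packet and nothing already admitted is disturbed.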

[0068] The router can then use this traffic infomna- 
tion to limit the total number of transactions in progress. 
This is achieved by making use of the flow control 
mechanisms of TCP which operate as follows. In normal s 
operation, a transport layer connection using the TCP 
protocol is a windowing flow controlled reliable byte 
stream protocol. To achieve reliability a system of posi- 
tive acknowledgements by the receiving station Is used 
(i.e. every packet of data received is acknowledged by io 
the receiver sending an ACK padiet to the transmitter). 
[0069] The flow control mechanism used by TCP is 
complex and is designed to allow TCP to adapt to the 
available transmission bandwidth and congestion state 
of virtually any transmission link. is 
[0070] As a reliable transport layer protocol, the 
TCP is responsible for providing an error-free stream of 
bytes, delivered in the correct sequence. Since the loss 
of data packets is possible, the TCP must perform 
retransmissions in order to achieve these characteris- 20 
tics. 

[0071 1 In addition the TCP running in two communi- 
cating end-systems performs an end-to-end flow control 
on the data flow. The amount of data being sent by a 
TCP source is restricted by the window mechanism. At 2S 
the beginning of a TCP connection, the TCP source can 
only send a small number of data packets. On receipt of 
the ACK frames for these data packets, the TCP source 
then increases the window size and sends more data. In 
this way the TCP window mechanism prevents a large 30 
number of data packets being initially sent into the net- 
work. 

[0072] The window opening procedure has three
phases:

rapid increase (P1) known as 'slow start'.

slow increase (P2) known as 'congestion avoidance'.

constant, with the window fully open (P3).



[0073] Initially the window size is one, and the
source can send just one data packet. On receipt of the
ACK frame the window is increased to two packets and
two new packets can be sent. For each received ACK
frame, the TCP window is increased by one packet size
and one window's worth of new data packets will be
sent. Hence, this phase is called the exponential growth
zone since the value of the TCP window size increases
exponentially: 1, 2, 4, 8, 16 and so on for each round trip
cycle.

[0074] When the TCP window reaches half of its
maximum size, the slow increase phase is entered. In
this phase the growth slows down and increases by only
one data packet per round trip time (RTT); that is when
all data packets from the current window become
acknowledged. This phase ends when the TCP window
becomes fully open. When the TCP window is fully open
the TCP connection is in a kind of equilibrium, since as
a packet leaves the network a new packet enters. The
TCP has a self-clocking time window size mechanism
which is maintained by ACK frames. The delay
experienced by a data packet and its ACK frame is used to
dynamically adjust the data flow to both the available
bandwidth and the prevailing network loading.

[0075] When a TCP data packet is lost, the sender
can recover either by using the Fast Retransmit scheme
or by waiting for the retransmission time-out to expire.
The Fast Retransmit scheme is triggered on the arrival of
at least three duplicate ACK frames which indicates the
need for the missing packet to be retransmitted. This
retransmission is followed by the Congestion Avoidance
procedure which reduces the TCP window size by half.
In contrast, if the sender relies on the retransmission
time-out, the packet transmission rate is reduced
drastically since the retransmission is followed by the Slow
Start procedure with the window size reset to 1 packet.
As can be seen, in both cases the value of the traffic
offered by a sender to the system decreases but, in the
second case, the decrease is more drastic.

[0076] According to the present invention, packets
are preferably discarded while the protocol is in the slow
start phase when the window size is one, rather than in
any later stage. This corresponds to discarding initial
packets from a given transaction (i.e. those of class A).
This effectively prevents the TCP session from sending
any further packets on the connection until the
retransmission timeout has expired, thereby limiting the load
experienced by the network without any unnecessary
packets being transmitted. If an initial packet of a
transaction (i.e. a packet marked as of class A) is discarded
by a router on its path through a network (for example
because the network management system considers
the network to be too heavily loaded at that time to
accept new transactions), the packet will not be
received at its destination and hence not acknowledged
back to the originating sender. According to the TCP
transmission scheme described above, the initial packet
will have been sent during the TCP slow start phase,
and specifically when the window is just one packet
wide (the situation when the session has just been
initiated). No following packets (of classes B and C) from
the same transaction will be transmitted until the start
packet (of class A) has been successfully
acknowledged.

[0077] In due course, the TCP session sender
retransmits the start packet in the normal course of the
operation of the TCP protocol. If, at the time of this
retransmission, the load on the network has decreased
then the new copy of the start packet will be
successfully forwarded and acknowledged, following which the
remainder of the transaction data (in packets marked as
of classes B and C) will be passed across the network
as normal. The start packet will be counted,
incrementing the outstanding transaction load and thereby
increasing the current estimate of traffic load.
Processing of the corresponding end packet (of class C) causes
the counter to be decremented, thereby reducing the
current estimate of traffic load.

[0078] Consequently a network management system
is able, simply by counting packets marked with first
and last class codes, to estimate the approximate load
currently imposed on the network by a transactional
service as being the difference between the totals of
such packets transmitted and acknowledged, which
represents the number of transactions in progress. This
can be converted into an approximation of the load by
reference to the statistical profile of the corresponding
requests and responses.

[0079] This estimate of the load imposed by the
service can be used by a network management system
to deny admission to the network to new requests and
responses simply by causing network nodes deliberately
to discard all packets marked as being of the first
class, A. This deliberate discarding is best carried out at
the earliest opportunity in the path the packet follows in
the network, ideally at the access nodes at the periphery
of the network, so as to avoid unnecessary intra-network
traffic which is subsequently discarded. Such
discarding of initial packets continues until the network
load reduces to a level at which new transactions are to
be admitted, according to some admission control
criterion. The TCP protocol retransmits such initial packets
until one is allowed through.
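The counting and discard rule of paragraphs [0076] to [0079], written out as an added example that is not part of the patent text. The fixed cap used as the admission criterion, the mean transaction size, and the fixed retry delay standing in for the TCP retransmission timeout are assumptions, as are all names.

```python
from dataclasses import dataclass

A, B, C, AC = "A", "B", "C", "AC"    # start, middle, end, single-packet burst


@dataclass
class AdmissionNode:
    max_in_progress: int             # assumed admission criterion: a fixed cap
    mean_bytes_per_txn: float        # assumed figure from the statistical profile
    in_progress: int = 0             # forwarded starts minus forwarded ends
    peak: int = 0
    discarded_starts: int = 0

    def handle(self, pkt_class: str) -> bool:
        """Return True if the packet is forwarded, False if discarded."""
        if pkt_class in (A, AC):
            if self.in_progress >= self.max_in_progress:
                self.discarded_starts += 1
                return False         # sender cannot proceed until it retransmits
            self.in_progress += 1
            self.peak = max(self.peak, self.in_progress)
        if pkt_class in (C, AC):
            # Clamp at zero so stray end markings cannot drive the count negative.
            self.in_progress = max(0, self.in_progress - 1)
        return True

    def load_estimate(self) -> float:
        """Transactions in progress scaled by the profile's mean size."""
        return self.in_progress * self.mean_bytes_per_txn


def simulate(node, txn_lengths, rto=3):
    """Drive the node with one sender per transaction (constructed input).

    Each sender offers one packet per tick. A discarded start packet is
    retried after `rto` idle ticks, a simplified stand-in for the TCP
    retransmission timeout. Returns the tick at which each transaction ends.
    """
    senders = [{"left": n, "total": n, "wait": 0} for n in txn_lengths]
    done, tick = {}, 0
    while len(done) < len(senders):
        tick += 1
        for i, s in enumerate(senders):
            if i in done:
                continue
            if s["wait"] > 0:
                s["wait"] -= 1
                continue
            first, last = s["left"] == s["total"], s["left"] == 1
            cls = AC if first and last else A if first else C if last else B
            if node.handle(cls):
                s["left"] -= 1
                if s["left"] == 0:
                    done[i] = tick
            else:
                s["wait"] = rto
    return [done[i] for i in range(len(senders))]


if __name__ == "__main__":
    node = AdmissionNode(max_in_progress=2, mean_bytes_per_txn=1500.0)
    print(simulate(node, [4, 4, 4, 1]), node.peak, node.discarded_starts)
```

With a cap of two, the third and fourth senders lose only their start packets and finish later; no middle or end packet is ever dropped.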

[0080] The present invention therefore provides an
improved means of packet-by-packet admission control
in a DS context. The class marking provides a means by
which a service can be offered which both allows a user
application to influence the behaviour of the network
such that it behaves in a way which better reflects the
needs of the network, and allows a network operator to
control the load imposed by customers by selectively
blocking parts of customer traffic flows.

[0081] This packet marking mechanism allows useful
quantitative SLA's to be offered for transactional
services that were not previously possible. With this
added ability to control the load on the network in this
way, transactional services can offer enhanced
assurances on the delivery of the data 'chunks' by appropriate
use of priority and reservation of resources.

[0082] Whilst the invention has been described in
terms of a single set of three classes, the invention can
also be applied simultaneously on a per class of traffic
basis, allowing different levels of control and different
statistical characteristics to be employed for different
classes of traffic.

[0083] In a first preferred embodiment of the
present invention, an Internet Protocol header field,
called the Differentiated Services (DS) field, is defined,
which replaces the existing definitions of the Internet
Protocol version 4 (IPv4) ToS octet and the Internet
Protocol version 6 (IPv6) Traffic Class octet.

[0084] Referring now to Figure 3, there is shown a
schematic summary of the contents of an Internet
Protocol version 4 packet header showing the fields which
it comprises: Version, Internet Header Length (IHL),
Type of Service (ToS), Total Length, Identification,
Flags, Fragment Offset, Time to Live, Protocol, Header
Checksum, Source Address, Destination Address,
Options, and Padding. Each tick mark in the figure
denotes one bit position.

[0085] Of these fields it is the Type of Service (ToS)
field that is of interest in the present context. As shown
in Figure 4, it consists of 8 bits and provides an
indication of the abstract parameters of the desired quality of
service. The ToS parameters are to be used to guide the
selection of the actual service parameters when
transmitting a datagram through a particular network. Some
networks offer a service precedence feature, which
treats high precedence traffic as more important than
other traffic. This is generally achieved by accepting
only traffic above a certain precedence at time of high
load. The major choice is a three way trade-off between
low-delay, high-reliability, and high-throughput.

[0086] In the ToS field Bits 0-2 are used to indicate
Precedence, Bit 3 is used to indicate Delay (D) (0 =
Normal Delay; 1 = Low Delay), Bit 4 is used to indicate
Throughput (T) (0 = Normal Throughput; 1 = High
Throughput), Bit 5 is used to indicate Reliability (R) (0 =
Normal Reliability; 1 = High Reliability), and Bits 6-7 are
reserved for future use.

[0087] The precedence combinations and
corresponding functions are:

111 - Network Control
110 - Internetwork Control
101 - CRITIC/ECP
100 - Flash Override
011 - Flash
010 - Immediate
001 - Priority
000 - Routine

[0088] The use of the Delay (D), Throughput (T),
and Reliability (R) indications may be used to determine
the price charged for a given type of service. Only one
of these indicators may be set on a packet.

[0089] The Type of Service field is used to specify
the treatment of the datagram during its transmission
through the IP network.

[0090] The Network Control precedence designation
is intended to be used within a network only. The
actual use and control of that designation is at the
discretion of each network operator. The Internetwork
Control designation is intended for use by gateway
control originators only. If the actual use of these
precedence designations is of any concern in a particular
network, it is the responsibility of the operator of that
network to control the access to, and use of, those
precedence designations.

[0091] Referring now to Figure 5 there is shown a
schematic diagram of the corresponding structure of a
proposed Internet Protocol version 6 packet header
showing the fields which it comprises: Version, Traffic
Class, Flow Label, Payload Length, Next Header, Hop
Limit, Source Address, and Destination Address.

[0092] Of these fields it is the Traffic Class (TC) field
that is of interest in the present context. The TC field
consists of 8 bits.

[0093] Both the ToS field of IPv4 and the TC field of
IPv6 are limited to eight bits in length. They can each
conveniently be replaced by an eight-bit Differentiated
Services (DS) field as shown in Figure 4. Bits 0-5 of the
DS field are used as a Differentiated Services Codepoint
(DSCP) to select the Per Hop Behaviour (PHB)
that is applied to the packet at each node; Bits 6-7 of the
DS field are used as a two-bit Currently Unused (CU)
field, which may be assigned later (e.g. for explicit
congestion notification) but which at present is not assigned
for any specific use. The value of the CU bits is
ignored by Differentiated Services compliant nodes
when determining the PHB to apply to a received
packet.

[0094] DS-compliant nodes select PHB's by match- 
ing against the entire 6-bit DSCP field, for example by 
treating the value of the field as a table index which is 
used to select a particular packet handling mechanism 
which has been implemented in that device. The DSCP 
field is defined as an unstructured field to facilitate the 
definition of future per-hop behaviours. 
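Locating the DS field in raw IPv4 and IPv6 headers and using the whole DSCP as a table index, as paragraphs [0093] and [0094] describe, shown as an added example that is not part of the patent text. The codepoint values are those of the typical example in paragraph [0095], read here as binary numbers (an assumption, since the page prints five digits per value); function names and sample headers are constructed.

```python
# Codepoint assignment from the typical example in paragraph [0095], read
# as binary numbers (assumption: the page prints five digits per value).
CLASS_CODEPOINTS = {0b00100: "A", 0b00101: "B", 0b00110: "C", 0b00111: "AC"}

# [0094]: the entire 6-bit DSCP indexes a table of handling mechanisms.
PHB_TABLE = ["default"] * 64
for _dscp, _cls in CLASS_CODEPOINTS.items():
    PHB_TABLE[_dscp] = _cls


def ds_field(header: bytes) -> int:
    """Return the 8-bit DS field (the former ToS or Traffic Class octet)."""
    if len(header) < 2:
        raise ValueError("need at least two header octets")
    version = header[0] >> 4
    if version == 4:
        if len(header) < 20:
            raise ValueError("truncated IPv4 header")
        return header[1]                      # second octet of the header
    if version == 6:
        if len(header) < 40:
            raise ValueError("truncated IPv6 header")
        # Bits 4-7 of the first octet and bits 0-3 of the second octet.
        return ((header[0] & 0x0F) << 4) | (header[1] >> 4)
    raise ValueError("unsupported IP version %d" % version)


def split_ds(ds: int) -> tuple:
    """Split into (DSCP, CU): bits 0-5 and bits 6-7, with bit 0 the MSB."""
    return ds >> 2, ds & 0x03


def classify(header: bytes) -> str:
    """Select the handling class; the CU bits never influence the choice."""
    dscp, _cu = split_ds(ds_field(header))
    return PHB_TABLE[dscp]


def sample_ipv4(ds: int) -> bytes:
    """Constructed 20-octet IPv4 header: version 4, IHL 5, rest zeroed."""
    return bytes([0x45, ds]) + bytes(18)


def sample_ipv6(tc: int, flow: int = 0xABCDE) -> bytes:
    """Constructed 40-octet IPv6 header carrying traffic class `tc`."""
    word = (6 << 28) | (tc << 20) | flow
    return word.to_bytes(4, "big") + bytes(36)


if __name__ == "__main__":
    for hdr in (sample_ipv4(0x13), sample_ipv6(0x19), sample_ipv4(0xB8)):
        print(hex(ds_field(hdr)), split_ds(ds_field(hdr)), classify(hdr))
```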
[0095] Because the mapping from DSCP to PHB is
fully flexible, there need be no permanent association
of values in the DSCP field with classes. A typical
example might be:

DS Codepoint    Forwarding Class
00100           A
00101           B
00110           C
00111           A and C

[0096] Admission control mechanisms such as the
one proposed above are liable to exploitation by
unscrupulous users who do not conform to the proposed
marking pattern (e.g. by sending all packets marked as B).

[0097] The network can protect itself from this kind
of exploitation by proposing that if end/start pairs are not
identified within a given span of packets related to the
expected size of transaction from that source, then the
network will itself mark (for example, arbitrarily) two
packets from class B to class C, and class A
respectively. The class A packet would then be subject to
admission control as for packets so marked by the user.

[0098] If the user continues to omit the sending of
class A packets, the rate of marking by the network can
be increased until alternate packets are being marked
class A and then class C. The resulting decrease in
potential throughput for that user transaction flow - in a
worst case the entire transaction transfer might then be
conducted in slow-start mode - acts to provide sufficient
incentive to users to mark packets according to the
proposed scheme so as to avoid random dropping of his
packets and poor throughput.

[0099] Any range or device value given herein may
be extended or altered without losing the effect sought,
as will be apparent to the skilled person for an
understanding of the teachings herein.

Claims

1. A method of monitoring telecommunications network
traffic comprising the steps of:

receiving a packet stream comprising packets
each identified as belonging to one of at least
three classes;

calculating a difference between the numbers
of packets received identified as belonging to a
first and a second of said classes; and

deriving a measure of traffic load on the network
responsive to said difference.

2. A method according to claim 1 comprising the steps
of:

providing statistical distribution data descriptive
of said traffic load;

deriving said measure of traffic load on the network
responsive to said statistical distribution
data.

3. A method according to any one of claims 1-2
wherein said first class is indicative of the beginning
of a transactional burst, and said second class is
indicative of the end of a transactional burst.

4. A method according to claim 3 wherein each initial
packet of a transactional burst is identified as
belonging to said first class and each final packet of
a transactional burst is identified as belonging to
said second class.

5. A method according to claim 4 wherein a transactional
burst comprises a single packet and said
packet is marked as belonging both to said first and
to said second classes.

6. A method according to any one of claims 1-5
wherein an indication of which class a packet
belongs to is contained in the header of said
packet.

7. A method according to claim 6 wherein said packet
is of an Internet protocol.

8. A method according to claim 7 wherein said packet
is of an Internet Protocol version 4 having a header
and said indication is located within a second octet
of said header.

9. A method according to claim 7 wherein said packet
is of an Internet Protocol version 6 having a header
and said indication is located within the bits 4-7 of a
first octet and bits 0-3 of a second octet of said
header.

10. A method according to claim 6 wherein said header
comprises a DSCP field and said indications are
encoded using four values of said DSCP field.
11. A method of performing packet data network
admission control comprising the steps of:

receiving a packet stream comprising packets
each identified as belonging to one of at least
three classes;

calculating a difference between the numbers
of packets received identified as belonging to a
first and a second of said classes;

deriving a measure of traffic load on the network
responsive to said difference; and

accepting and rejecting packets responsive to
said measure.

12. A method of performing packet data network
admission control comprising the steps of:

receiving a packet on a given traffic flow;

if said packet is of a first class indicative of the
start of a new traffic burst then, if a previously
stored measure of current traffic load is indicative
of an admission rejection condition being
satisfied in respect of said received packet,
discard said packet, otherwise increment said
measure and forward said packet;

if said packet is of a second class not indicative
of the start or end of a traffic burst then forward
said packet; and

if said packet is of a third class indicative of the
end of a traffic burst then decrement said
measure of current traffic load and forward said



13. A method according to claim 12 wherein said measure
of current load is a difference between the
number of packets of said first class previously
forwarded and the number of packets of said third
class previously forwarded.

14. A method according to any one of claims 12-13 
wherein an indication of which class a packet 
belongs to is contained in the header of said 
packet. 

15. A method according to claim 14 wherein said 
packet is of an Internet protocol. 

16. A method according to claim 15 wherein said 
packet is of an Internet Protocol version 4 having a 
header and said indication is located within a sec- 
ond octet of said header. 

17. A method according to claim 15 wherein said 
packet is of an Internet Protocol version 6 having a 
header and said indication is located within the bits 
4-7 of a first octet and bits 0-3 of a second octet of 
said header. 

18. A method according to claim 14 wherein said 
header comprises a DSCP field and said indica- 
tions are encoded using four values of said DSCP 
field. 

19. A method of preventing abuse of the admission
control method of any one of claims 12-18 comprising
the steps of:

receiving a traffic flow comprising data packets;

monitoring the rate of occurrence of packets
indicative of starts and ends of transactional
bursts within said traffic flow;

if said rate meets a suspected-abuse criterion,
a first packet received on said traffic flow is
marked as indicative of the start of a transaction
and a second packet received on said traffic
flow is marked as indicative of the end of a
transaction;

if said packet is marked as indicative of the
start of a new transaction then, if a previously
stored measure of current traffic load is indicative
of an admission rejection condition being
satisfied in respect of said received packet,
discard said packet, otherwise increment said
measure and forward said packet;

if said packet is marked as not indicative of the
start or end of a traffic burst then forward said
packet; and

if said packet is marked as indicative of the end
of a transaction then decrement said measure
of current traffic load and forward said packet.

20. A method of transmitting traffic load information
within a packet data stream comprising transactional
bursts, comprising the steps of:

labelling each initial packet of transactional
bursts as belonging to a first class;

labelling each final packet of transactional
bursts as belonging to a second class;

labelling each other packet of transactional
bursts as belonging to one or more further
distinct classes

whereby to identify starts and ends of such
transactional bursts within a packet data
stream.

21. A packet network node comprising:

an input arranged to receive a packet stream
comprising packets each identified as belonging
to one of at least three classes;

a processor arranged to calculate a difference
between the numbers of packets received
identified as belonging to a first and a second of
said classes and to calculate a measure of traffic
load on the network responsive to said
difference.

22. A packet network node comprising:

an input arranged to receive a packet traffic
flow;

a processor arranged to determine for each
packet received on said traffic flow, (a) whether
said packet is of a first class indicative of the
start of a new traffic burst and if so, to determine
whether a previously stored measure of
current traffic load is indicative of an admission
rejection condition being satisfied in respect of
said received packet and if so to discard said
packet and otherwise to increment said measure
and forward said packet, (b) whether said
packet is of a second class not indicative of the
start or end of a traffic burst and if so to forward
said packet, and (c) whether said packet is of a
third class indicative of the end of a traffic burst
and if so to decrement said measure of current
traffic load and forward said packet.

23. A packet network node for preventing abuse of
admission control comprising:

an input arranged to receive a packet traffic
comprising data packets;

a processor arranged to monitor the rate of
occurrence of packets indicative of starts and
ends of transactional bursts within said traffic
flow; if said rate meets a suspected-abuse
criterion, to mark a first packet received on said
traffic flow as indicative of the start of a transaction
and to mark a second packet received on
said traffic flow as indicative of the end of a
transaction; if said packet is marked as indicative
of the start of a new transaction then, if a
previously stored measure of current traffic
load is indicative of an admission rejection
condition being satisfied in respect of said received
packet to discard said packet, otherwise to
increment said measure and forward said
packet; if said packet is marked as not indicative
of the start or end of a traffic burst then to
forward said packet; and if said packet is
marked as indicative of the end of a transaction
then to decrement said measure of current traffic
load and to forward said packet.

24. A communications system comprising apparatus
according to any one of claims 19-21.

25. A program for a computer on a machine-readable
medium embodying the method of any one of
claims 1-20.
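The re-marking safeguard of paragraphs [0096] to [0098] and claim 19, sketched as an added example that is not part of the patent text. The halving of the span on each repeat and the restoration of the original span when the user sends a start marking are assumptions, as are all names; the re-marked class A packets are what the admission step then sees.

```python
class MarkingPolicer:
    """Per-flow check that transaction boundaries are marked often enough."""

    def __init__(self, span: int):
        self.initial_span = span   # related to the expected transaction size
        self.span = span           # packets tolerated without a start marking
        self.run = 0               # packets seen since the last boundary
        self.pending = []          # classes still to be forced onto B packets

    def remark(self, cls: str) -> str:
        """Return the class the packet carries after policing."""
        if cls in ("A", "AC"):
            # Conforming start marking: reset (assumed forgiveness policy).
            self.run, self.pending, self.span = 0, [], self.initial_span
            return cls
        if cls == "B":
            if not self.pending and self.run >= self.span:
                # No end/start pair within the span: force C then A.
                self.pending = ["C", "A"]
                self.span //= 2    # assumed escalation: halve on each repeat
                self.run = 0
            if self.pending:
                return self.pending.pop(0)
        self.run += 1
        return cls


def police(classes, span):
    """Apply one policer to a flow given as an iterable of class labels."""
    policer = MarkingPolicer(span)
    return [policer.remark(c) for c in classes]


if __name__ == "__main__":
    # Constructed flows: one marks everything B, one marks correctly.
    print("".join(police(["B"] * 16, span=4)))
    print("".join(police(list("ABBCABC"), span=4)))
```

Once the span has shrunk to zero every packet of the all-B flow is re-marked alternately C and A, so each window is exposed to the start-packet discard, while the correctly marked flow passes through unchanged.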